package com.lanou.realm;


import com.lanou.bean.UserBean;
import com.lanou.service.LoginService;
import com.lanou.utils.StrUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;


import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;

/**
 * Created by dllo on 18/3/7.
 */

public class MyRealm extends AuthorizingRealm {

    @Resource(name = "loginService")
    private LoginService loginService;

    @Override
    public String getName() {
        return "myPerRealm";
    }

    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof UsernamePasswordToken;
    }


    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

        //授权的方法
        //将认证方法中返回的对象取出
        UserBean student = (UserBean) principalCollection.getPrimaryPrincipal();

        //**********************假数据*********************

        List<String> permissionList = new ArrayList<>();

        permissionList.add("user:create");
        permissionList.add("user:query");

        List<String> roleList = new ArrayList<>();
        roleList.add("CEO");
        roleList.add("DE");

        //授权信息对象，用来保存所有的角色和授权信息
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addStringPermissions(permissionList);
        info.addRoles(roleList);

        //**********************假数据*********************

        return info;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //1.获取token中的用户名

        String username = (String) authenticationToken.getPrincipal();

        UserBean userBean = loginService.loginSel(username);

        //**************假数据开始**************

        if (userBean == null) {
//            return null;
            throw new UnknownAccountException("账号不存在");
        }
        //**************假数据结束**************
        //如果账户存在，接着验证密码

        String password = new String((char[]) authenticationToken.getCredentials());
        //**************假数据开始**************

        if (!userBean.getPassword().equals(password)) {
            throw new IncorrectCredentialsException("密码错误");
        }
        //**************假数据结束**************

        System.out.println(username+"+++++++++++++++++++++++++++++++++++++");
        System.out.println(password+"-------------------------------------");

        return new SimpleAuthenticationInfo(userBean, password, getName());
    }



    // 判断是否为空
    private boolean userArgs(UserBean user) {

        // 用户名和密码不能为空
        if (StrUtils.isNull(user.getName()) || StrUtils.isNull(user.getPassword())) {
            return false;
        }
        return true;

        // 97~102行也可以如下替换
//        return StrUtils.isPhoneNumberRight(user.getTel());
    }


}
